Problembeschreibung

The OpenPGP protocol is vulnerable to a timing-attack in order to
gain plain text from cipher text. The timing difference appears as a
side effect of the so-called "quick scan" and is only exploitable on
systems that accept an arbitrary amount of cipher text for automatic
decryption.
The updated packages have been patched to disable the quick check for
all public key-encrypted messages and files.